CVE-2026-30560 in SourceCodester Sales and Inventory System
Résumé (Anglaise)
A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the add_supplier.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL.
Responsable
MITRE
Réserver
04/03/2026
Divulgation
30/03/2026
Entrées
| ID | Vulnérabilité | CWE | Base | Temp | 0day | Aujourd'hui | Exp | KEV | EPSS | CTI | Con | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 354206 | SourceCodester Sales and Inventory System Parameter add_supplier.php cross site scripting | 79 | 4.3 | 4.2 | $0-$5k | $0-$5k | Non défini | 0.00000 | 0.79+ | Non défini | CVE-2026-30560 |